Safety best practices
1. Safety best practices
In this last video, we will explore the best practices for maintaining safety while using the OpenAI API.2. Safety with the OpenAI API
In addition to the techniques we've seen so far, there are multiple ways to ensure safety when developing AI systems.3. Safety with the OpenAI API
AI safety encompasses multiple disciplines, and needs to ensure that the content generated is safe, including following ethics and fairness guidelines.4. Safety with the OpenAI API
As the content generated is not strictly set by the developers of the product, safety also needs to ensure that it is aligned with the scope of the product.5. Safety with the OpenAI API
Finally, it also includes traditional safety measures for software systems, including keeping data safe,6. Safety with the OpenAI API
and securing the whole system against attacks.7. Best practices
We have already explored some steps to keep the responses within ethical guidelines, and to keep the content relevant: one of these is using moderation API to reduce the occurrence of unsafe content. We've also seen how adversarial testing is used to ensure applications are robust against inputs designed to 'break' the underlying models. We've seen how limiting the number of input and output tokens can prevent prompt injection and misuse. Finally, crafting prompts to guide the AI's output in terms of topic and tone, and adding context, can help steer outputs in the right direction.8. Best practices
Let's have a look at additional measures we can take. When possible, content safety can be enhanced by incorporating human oversight, particularly in specialized domains. This could involve having outputs sampled and checked by a professional with domain expertise, with the development team integrating their feedback back into the model. Requiring users to register and log in to access our service can further reduce risks as it constitutes an additional check. Providing users with a clear method for reporting issues with the application is a way to have additional oversight.9. Best practices
For the security of our data and our system, it is also important to keep our API key, that we have used throughout the course, in a safe and private environment. Finally it is important to recognize that all language models have limitations, and to communicate this to our user-base to manage expectations.10. Using end-user IDs
As a way to prevent malicious actors from misusing AI systems, OpenAI suggests including unique user IDs in requests. This ensures that the API call can be easily identified in case of guidelines violations. It can be done by hashing usernames for registered users and, for non-registered users, by passing unique session IDs. In Python we can use the uuid library and generate universal unique identifiers using uuid4. We can then cast the ID as a string and pass it to the chat completions endpoint, such as in this example.11. Keeping your API key safe
We have seen throughout the course how the OpenAI API is accessed by passing a key. This key is used to keep the communication between our system and the API safe, and it is important to keep it secure. Here are some best practices to ensure this: Keeping API keys server-side to avoid exposure in client-side environments like browsers or mobile apps. Never committing API keys to source code repositories. Instead, using environment variables to save the key, even in private repositories. Utilizing key management services for secure API key storage and access control. Regularly monitoring account usage and rotating API keys.12. Let's practice!
As we conclude this course, remember that adhering to best practices, ensuring secure integration with external systems, and prioritizing safety are paramount. You're now well-equipped to build robust and responsible AI-powered systems that leverage the full potential of OpenAI's technology. And now let's practice a few more exercises!Create Your Free Account
or
By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.